def check_signature(filename):
    """Verify the signature embedded in ``filename`` with ``WinVerifyTrust``.

    The file is passed by path (no pre-opened handle), the policy is
    ``WINTRUST_ACTION_GENERIC_VERIFY_V2`` and no UI is shown.

    Security notes for callers:

    - ``fdwRevocationChecks`` is ``WTD_REVOKE_NONE``, so no extra revocation
      checking is requested; do not rely on this call alone to reject a
      signature whose certificate has been revoked.
    - The subject is named by path, so the result describes the file as it
      was during this call. The path can point at different content by the
      time it is used; verify through an open handle when that matters.

    :param filename: path of the file to verify
    :return: the ``wintrust_return_value_mapper`` entry for the unsigned
        32-bit status of the verify call (``0`` if ``filename`` has a valid
        signature, else the error)
    """
    policy_guid = WINTRUST_ACTION_GENERIC_VERIFY_V2

    # Subject of the verification: a file named by path.
    subject = WINTRUST_FILE_INFO()
    subject.cbStruct = ctypes.sizeof(WINTRUST_FILE_INFO)
    subject.pcwszFilePath = filename
    subject.hFile = None
    subject.pgKnownSubject = None

    request = WINTRUST_DATA()
    request.cbStruct = ctypes.sizeof(WINTRUST_DATA)
    request.pPolicyCallbackData = None
    request.pSIPClientData = None
    request.dwUIChoice = WTD_UI_NONE
    request.fdwRevocationChecks = WTD_REVOKE_NONE
    request.dwUnionChoice = WTD_CHOICE_FILE
    request.dwStateAction = WTD_STATEACTION_VERIFY
    request.hWVTStateData = None
    request.pwszURLReference = None
    request.dwUIContext = 0
    request.tmp_union.pFile = ctypes.pointer(subject)

    policy_ref = ctypes.byref(policy_guid)
    request_ref = ctypes.byref(request)
    verify_status = winproxy.WinVerifyTrust(None, policy_ref, request_ref)

    # Second call with the CLOSE action releases the state kept by the
    # VERIFY call; its return value is not part of the result.
    request.dwStateAction = WTD_STATEACTION_CLOSE
    winproxy.WinVerifyTrust(None, policy_ref, request_ref)

    # Mask to an unsigned 32-bit value before the lookup.
    unsigned_status = verify_status & 0xffffffff
    return wintrust_return_value_mapper[unsigned_status]
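def verify_file(verify_file_info, union_choice=WTD_CHOICE_FILE, union_data=None,
                action_id=WINTRUST_ACTION_GENERIC_VERIFY_V2, policy_callback_data=None):
    """Verify the primary signature of a file and collect its secondary signatures.

    The primary signature (index 0) is verified first. Each secondary
    signature reported by ``cSecondarySigs`` is then verified in turn and
    appended to ``verify_file_info.secondary_signatures`` as a
    ``SignatureInfo`` carrying its own verification result.

    The returned result always belongs to the primary signature, matching the
    returned signature data. Secondary results are only available through
    ``verify_file_info.secondary_signatures``; a caller making a trust
    decision has to decide explicitly whether and how they count.

    :param verify_file_info: object whose ``file_handle`` is verified and
        whose ``secondary_signatures`` list is appended to
    :param union_choice: value stored in ``dwUnionChoice``
    :param union_data: structure pointed to by ``pCatalog`` when
        ``union_choice`` is ``WTD_CHOICE_CATALOG``
    :param action_id: policy GUID passed to ``WinVerifyTrust``
    :param policy_callback_data: value stored in ``pPolicyCallbackData``
    :return: ``(result, number_of_signatures, signatures)`` for the primary
        signature, where ``result`` is ``status_to_verify_result`` applied to
        the primary verification status
    """
    file_info = WINTRUST_FILE_INFO()
    file_info.cbStruct = ctypes.sizeof(WINTRUST_FILE_INFO)
    file_info.hFile = verify_file_info.file_handle

    trust_data = WINTRUST_DATA()
    trust_data.cbStruct = ctypes.sizeof(WINTRUST_DATA)
    trust_data.pPolicyCallbackData = policy_callback_data
    trust_data.dwUIChoice = WTD_UI_NONE
    trust_data.fdwRevocationChecks = WTD_REVOKE_WHOLECHAIN
    trust_data.dwUnionChoice = union_choice
    trust_data.dwStateAction = WTD_STATEACTION_VERIFY
    trust_data.dwProvFlags = WTD_SAFER_FLAG
    trust_data.tmp_union.pFile = ctypes.pointer(file_info)
    if union_choice == WTD_CHOICE_CATALOG:
        # Same union member slot: the catalog pointer replaces the file pointer.
        trust_data.tmp_union.pCatalog = ctypes.pointer(union_data)

    # Verify one signature per call (selected by dwIndex) and ask for the
    # number of secondary signatures to be reported in cSecondarySigs.
    wss = WINTRUST_SIGNATURE_SETTINGS()
    wss.cbStruct = ctypes.sizeof(WINTRUST_SIGNATURE_SETTINGS)
    wss.dwFlags = WSS_GET_SECONDARY_SIG_COUNT | WSS_VERIFY_SPECIFIC
    wss.dwIndex = 0
    trust_data.pSignatureSettings = ctypes.pointer(wss)

    # Primary signature. Its status is kept in its own variable so that the
    # secondary verifications below cannot overwrite the returned result.
    primary_status = winproxy.WinVerifyTrust(None, ctypes.byref(action_id), ctypes.byref(trust_data))
    number_of_signatures, signatures = get_signatures_from_state_data(
        trust_data.hWVTStateData)

    for idx in range(1, trust_data.pSignatureSettings.contents.cSecondarySigs + 1):
        # Close the state data of the previous verification.
        trust_data.dwStateAction = WTD_STATEACTION_CLOSE
        winproxy.WinVerifyTrust(None, ctypes.byref(action_id), ctypes.byref(trust_data))
        trust_data.hWVTStateData = None

        # Caller must reset dwStateAction as it may have been changed during the last call
        trust_data.dwStateAction = WTD_STATEACTION_VERIFY
        trust_data.pSignatureSettings.contents.dwIndex = idx
        secondary_status = winproxy.WinVerifyTrust(
            None, ctypes.byref(action_id), ctypes.byref(trust_data))
        s_number_of_signatures, s_signatures = get_signatures_from_state_data(
            trust_data.hWVTStateData)
        if not s_signatures:
            print(
                f'get_signatures_from_state_data() failed. \nindex={idx}, '
                f'SecondarySign count={trust_data.pSignatureSettings.contents.cSecondarySigs}'
            )
            break
        verify_file_info.secondary_signatures.append(
            SignatureInfo(s_number_of_signatures, s_signatures,
                          status_to_verify_result(secondary_status)))

    # Close the state data of the last verification (also reached after break).
    trust_data.dwStateAction = WTD_STATEACTION_CLOSE
    winproxy.WinVerifyTrust(None, ctypes.byref(action_id), ctypes.byref(trust_data))

    # Previously the status of the last secondary signature was returned here
    # next to the primary signature's data, so a failing primary signature
    # could be reported with a passing result (and the reverse).
    return status_to_verify_result(primary_status), number_of_signatures, signatures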